I am from Sony Pictures and saw your piece this morning on the attacks Sony has been under. I wanted to point out that the 1 million number you refer to in relation to an attack was announced June 2 by LulzSec, however, the actual number is less than 38,000. There is a notice on our web site:sonypictures.com (click on the red banner)

We recently broke into SonyPictures.com and compromised over 1,000,000 users' personal information, including passwords, email addresses, home addresses,dates of birth, and all Sony opt-in data associated with their accounts. Among other things, we also compromised all admin details of Sony Pictures (including passwords) along with 75,000 "music codes" and 3.5 million "music coupons".

The decision to claim LulzSec was lying seems a gutsy one on Sony's part. Hopefully it doesn't backfire on them.

In related news, LulzSec published a heavily redacted email sent to Britain'sNational Health Service (NHS) warning them of security vulnerabilities that allowed the group to gain administrative passwords. LulzSec praised the group's work, writing:

In celebration of little girls getting bigger bones, we're now emailing NHS and informing them of those admin passwords we took months ago.

Because if we fucked over those that give health, people would literally die laughing at our antics. Poor lungs = poor lulz, people.

In the email LulzSecwrites, "While you aren't considered an enemy - your work is of course brilliant - we did stumble upon several of your admin passwords."

A spokesperson for the NHS told the BBC, "This is a local issue affecting a very small number of website administrators. No patient information has been compromised. No national NHS information systems have been affected. The Department has issued guidance to the local NHS about how to protect and secure all their information assets."

LulzSec, like the 4Chan-affiliated hacker group Anonymous, is loosely organized. However the membership of the group is thought to be much smaller and more elite than anonymous. Despite the fact that no-one is "in charge" the group managed to issue regular press releases. The group sometimes doesn't publish the results of its findings, if it appreciates the compromised organization. In other cases, like hacks on PBSand 2600 it has shown itself to remorseless at times.

Updated: June 9, 2011 5:17 p.m.

LulzSec graciously responded to these claims via Twitter:

"Sony Says LulzSec Lied About Number of Records Lost" - we didn't say we stole 1 million, we said we compromised 1 million. Silly @Sony :3

There have been a lot of customer compromises on the Internet. From banks, no less. Government. The military. Do we expect Sony to be invulnerable to hackers while the others don't get so much backlash? Citibank just leaked 200k peep's worth of data. No mention? Does DT have a special angst against Sony?

You're right, there was an article about Citibank. My bad. I follow DT via a Yahoo RSS.

However, how many earthquakes and tsunamis has Citibank gone through prior to the hack?

I think Sony might have already had its hands full. Sure, maybe they needed to beef up their security. However, I'm also sure that the circumstances have given them an awful lot to deal with in addition to other things.

I'm not really trying to defend Sony. I'm just saying that a lot of the comments here are really over-the-top.

Sony quite literally left their doors open. If lulzsec had circumvented a complicated security system sony would be getting less flack. The fact that they are able to constantly steal from sony's databases is what makes this an interesting story, and what generates such resentment against sony's comments.

"We are going to continue to work with them to make sure they understand the reality of the Internet. A lot of these people don't have Ph.Ds, and they don't have a degree in computer science." -- RIM co-CEO Michael Lazaridis